I've been writing about technology for most of my adult life, focusing mainly on legal and regulatory issues. I write for a wide range of publications: credits include the Times, Daily Telegraph and Financial Times newspapers, as well as BBC radio and numerous technology titles. Here, I'll be covering the ways content is controlled on the internet, from censorship to online piracy and copyright. You can follow my posts by clicking the '+ Follow' button under my name.

Microsoft Stands Up To FBI Over Customer Data

Eager to promote its privacy credentials, Microsoft has revealed that it’s successfully seen off the FBI in court over a request for customer information.

Documents released this week show that the company received a National Security Letter (NSL) last year asking for “several categories of information” relating to a single user account for one of its enterprise customers. As an NSL, the application is subject to a gagging order, meaning that Microsoft wasn’t able to reveal its existence to the customer – the focus of its complaint.

Microsoft has strong policies on guarding customer data, winning it top marks in the Electronic Frontier Foundation’s Who Has Your Back report last week. “EFF believes that National Security Letters (NSLs) – secretive FBI orders for user data accompanied by a gag provision – are a violation of the Constitution,” says the EFF. “We think it is vital that companies are as forthcoming as legally allowable about these national security requests to help shed light on government abuses of contested surveillance powers.”

Late last year, Microsoft pledged to notify business and enterprise customers – though not, it’s worth noting, private customers – when it receives a legal order relating to their data. This is a promise it’s been able to deliver on in the past, either by managing to persuade the government to get the information another way, or by gaining permission from the customer to provide the data.

“We concluded that the nondisclosure provision was unlawful and violated our Constitutional right to free expression,” says Brad Smith, Microsoft’s general counsel and executive vice president for legal and corporate affairs. “It did so by hindering our practice of notifying enterprise customers when we receive legal orders related to their data.”

FBI Badge & gun. (Photo credit: Wikipedia)

Microsoft filed a challenge to the order in Federal Court in Seattle, and the FBI withdrew its letter.

This isn’t, though, a straightforward win for Microsoft. The court documents explain that eventually, as in previous cases, “the FBI obtained the requested information through lawful means from a third party, the Customer, in a way that maintains the confidentiality of the underlying investigation.” In other words, it reminds us, it has more ways of getting the data it wants than by asking Microsoft nicely for it.

It certainly doesn’t mean that the FBI has backed down, or that it acknowledges that Microsoft would have won its case in what’s a highly contentious area of law. Last month, for example, Judge James Francis of the New York Southern District Court ruled that Microsoft was obliged to hand over the emails and personal information of a US customer, even though that data was stored on Irish servers.

What the FBI has achieved by backing off is avoid a high-profile court case at a rather inconvenient time. A similar test case brought by an unnamed telecommunications company in 2011 led to a ruling last year that such gagging orders were unconstitutional. This ruling, though, is currently under appeal in a case that’s likely to last for much of this year. The FBI is undoubtedly reluctant to muddy the waters, particularly with such a well-resourced opponent as Microsoft.

Post Your Comment

Post Your Reply

Forbes writers have the ability to call out member comments they find particularly interesting. Called-out comments are highlighted across the Forbes network. You'll be notified if your comment is called out.